Chinese authorities are getting more power to inspect the information technology, or IT, of companies and access property information and business data as part of new cybersecurity rules, reported the Wall Street Journal.
The report, citing Chinese government rules, said that as of November 1, police officers in the country have the authority to inspect businesses and remotely log into corporate networks to see if there are any security loopholes. The paper, citing business regulations released by the Public Security Ministry, noted police will also have the power to copy information and inspect records that could “endanger national security, public safety, and social order.” William Nee, an analyst at Amnesty International, told the Wall Street Journal that the rules give China more authority to inspect companies and require them and internet service providers to fully comply with the country’s cybersecurity rules. The rules mandate security checks of technology products that the government supplies and for banking and telecommunications businesses that are critical industries. The law, noted the report, has faced criticism from foreign businesses who said China could use the laws to force companies to disclose source codes and corporate secrets to provide proof that their networks are secure and then leak the information to competitors in China.
Despite China’s hard stance on cybersecurity, lots of businesses have looked to work with China to maintain or get access to the Chinese market. According to the WSJ, Microsoft opened what it is calling a transparency center in Beijing where officials can test the products to make sure they are secure. Meanwhile, the WSJ reported Apple has begun building a data center in Guizhou, the southwestern province of China, to meet the rules that call for foreign companies to have a local cloud data partner that can store customers in China’s data. William Zarit, chairman of the American Chamber of Commerce in China, told the WSJ that the regulations grant Chinese authorities access to any information related to cybersecurity. “It justifies for the authorities the right to basically copy or access anything,” Zarit said. “It doesn’t seem like companies have a choice.”